Heap overflow

Multiple vulnerabilities in the layout engine for Mozilla Firefox 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, Thunderbird 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, and SeaMonkey 1.0.9 and 1.1.2 allow remote attackers to cause a denial of service crash via vectors related to dangling pointer...

CVE-2007-2867

Multiple vulnerabilities in the layout engine for Mozilla Firefox 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, Thunderbird 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, and SeaMonkey 1.0.9 and 1.1.2 allow remote attackers to cause a denial of service crash via vectors related to dangling pointer...

Pegasus ImagN - ActiveX Control Remote Buffer Overflow

Pegasus ImagN - ActiveX Control Remote Buffer Overflow ?php / win32adduser - PASS=tzu EXITFUNC=seh USER=sun Size=483 Encoder=PexAlphaNum http://metasploit.com / $shellcode = "\xeb\x03\x59\xeb\x05\xe8\xf8\xff\xff\xff\x4f\x49\x49\x49\x49\x49"...

Pegasus ImagN - ActiveX Control Remote Buffer Overflow

?php / win32adduser - PASS=tzu EXITFUNC=seh USER=sun Size=483 Encoder=PexAlphaNum http://metasploit.com / $shellcode = "\xeb\x03\x59\xeb\x05\xe8\xf8\xff\xff\xff\x4f\x49\x49\x49\x49\x49". "\x49\x51\x5a\x56\x54\x58\x36\x33\x30\x56\x58\x34\x41\x30\x42\x36"...

BMC Patrol PerformAgent bgs_sdservice Memory Corruption Vulnerability

This vulnerability allows attackers to execute arbitrary code on vulnerable installations of BMC Patrol. User interaction is not required to exploit this vulnerability. The specific flaw exists due to improper parsing of XDR data sent to the bgssdservice.exe process listening by default on TCP po...

MS Windows (.doc File) Malformed Pointers Denial of Service Exploit

No description provided by source. / Microsoft Windows .doc File Malformed Pointers DoS &...

MOPB-13-2007:PHP 4 Ovrimos Extension Multiple Vulnerabilities

Summary The Ovrimos extension is an external contributed extension for the Ovrimos SQL Server, which is a client/server, transactional RDBMS combined with Web capabilities and fast transactions. While looking at the code it was discovered that does not use resources to keep track of connections a...

Microsoft Windows - '.doc' Malformed Pointers Denial of Service

/\ Microsoft Windows .doc File Malformed Pointers DoS Just move your mouse on the file and explorer crashes. If it does not try to look at file properties. Bug comes from Ole32.dll: CMP DWORD PTR DS:EAX+EBX,3 and we can set EAX, EDX and ESI with arbitrary values. Check the file, magic offsets are...

MS Windows (.doc File) Malformed Pointers Denial of Service Exploit

Exploit for unknown platform in category dos / poc =================================================================== MS Windows .doc File Malformed Pointers Denial of Service Exploit =================================================================== /\ Microsoft Windows .doc File Malformed...

Microsoft Windows - .doc Malformed Pointers Denial of Service

Microsoft Windows - .doc Malformed Pointers Denial of Service /\ Microsoft Windows .doc File Malformed Pointers DoS Just move your mouse on the file and explorer crashes. If it does not try to look at file properties. Bug comes from Ole32.dll: CMP DWORD PTR DS:EAX+EBX,3 and we can set EAX, EDX an...

SUSE-SA:2007:004: krb5

The remote host is missing the patch for the advisory SUSE-SA:2007:004 krb5. Various bugs in the Kerberos5 libraries and tools were fixed which could be used by remote attackers to crash and potentially execute code in kadmind. - CVE-2006-6144 / MITKRB5-SA-2006-002: the RPC library could call an...

CVE-2006-6952

Computer Associates Host Intrusion Prevention System HIPS drivers 1 Core kmxstart.sys 6.5.4.31 and 2 Firewall kmxfw.sys 6.5.4.10 allow local users to gain privileges by using certain privileged IOCTLs to modify callback function pointers...

CVE-2006-6952

CVE-2006-6952 affects CA Personal Firewall/CA Internet Security Suite 2007: HIPS Core (KmxStart.sys) and HIPS Firewall (KmxFw.sys) allow local privilege escalation by using privileged IOCTLs to modify callback pointers. Impact is local privilege escalation; affected products include CA Personal F...

Microsoft Visual C++ - .RC Resource Files Local Buffer Overflow

Microsoft Visual C++ - .RC Resource Files Local Buffer Overflow // // // Microsoft Visual C++ 6.0 SP6 resource compiler buffer overflow // vulnerability .rc resource files exploit // // vulnerability found / exploit built by porkythepig // // include "stdio.h" include "stdlib.h" include "memory.h...

Kerberos administration daemon fails to properly initialize function pointers

Overview The Kerberos administration daemon fails to properly initialize pointers. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary code or cause a denial of service. Description A vulnerability exists in the way the Kerberos administration daemon handles...

CVE-2006-6144

The "mechglue" abstraction interface of the GSS-API library for Kerberos 5 1.5 through 1.5.1, as used in Kerberos administration daemon kadmind and other products that use this library, allows remote attackers to cause a denial of service crash via unspecified vectors that cause mechglue to free...

[Reversemode advisory] Computer Associates HIPS Drivers - multiple local privilege escalation vulnerabilities.

Computer Associates "Host Intrusion Prevention System" Engine Drivers are prone to multiple local privilege escalation vulnerabilities. Unprivileged users can take advantage of these flaws in order to execute arbitrary code with kernel privileges. Two drivers are affected, kmxstart.sys and...

Microsoft PowerPoint fails to properly handle malformed object pointers

Overview Microsoft PowerPoint contains a vulnerability in the handling of malformed object pointers, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Microsoft PowerPoint contains a vulnerability that could be exploited when PowerPoi...

Improper Validation of User-mode Pointers

Improper Validation of User-mode Pointers Many of the hooks that KAV installs and even the custom system services suffer from flaws that are detrimental to the operation of the system. For instance, KAV's modified NtOpenProcess attempts to determine if a user address is valid by comparing it to t...

Microsoft Word Malformed Object Pointer Remote Code Execution Vulnerability

Description Microsoft Word is prone to a remote code-execution vulnerability. The issue arises because Word fails to properly handle malformed object pointers. Reports indicate that this issue can allow remote attackers to execute arbitrary code on a vulnerable computer by supplying a malicious...